Complete these steps to enable external volume access in Cloud Pak for Data System 2.0.1.
About this task
To enable users to connect to remote SMB storage volumes from IBM® Cloud Pak for Data a cluster
administrator must install the SMB CSI Driver for Kubernetes to enable the cluster to communicate
with your remote SMB volumes. Then the administrator must create a cluster role and cluster role
binding to grant the meta-api
the appropriate permissions to provision persistent
volumes.
Procedure
- Log on to Red Hat OpenShift Container Platform as a user with sufficient permissions to
complete this task. You must be a cluster administrator.
oc login OpenShift_URL:port
- Install
csi-smb-driver
.
The SMB CSI Driver for Kubernetes is provided by the Kubernetes CSI organization, which provides
Kubernetes specific Container-Storage-Interface (CSI) components.
- Create the required cluster role and cluster role binding for the
meta-api
:
cat <<EOF | oc apply -f -
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
# "namespace" omitted. ClusterRoles are not scoped to a namespace.
name: ibm-zen-volumes-cluster-role
rules:
- apiGroups: [""]
#
# at the HTTP level, the name of the resource for accessing Secret
# objects is "secrets"
resources: ["persistentvolumes"]
verbs: ["create", "get", "list", "patch", "update", "watch", "delete", "use"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: ibm-zen-volumes-cluster-role-binding
subjects:
- kind: ServiceAccount
name: ibm-zen-operator-serviceaccount
namespace: ibm-common-services # The namespace where the IBM Cloud Pak foundational services are installed
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ibm-zen-volumes-cluster-role
EOF